Researchers Steal Data From Air-Gapped Computer Over Power Lines

Researchers Steal Data From Air-Gapped Computer Over Power Lines

No computer system in the world is completely secure, so businesses and governments often keep their most sensitive data in so-called “air-gapped” machines. These computers are not connected to the internet or to any other local devices, making it almost impossible to steal data. It’s almost impossible, but there have been several clever proof-of-concept hacks that can do just that. The most recent comes from researchers at Israel’s Ben Gurion University of the Negev and involves sending data over power lines.

Like most hacks for air-gapped systems, this technique assumes you’ve had physical access to the computer at some point. The difficult part is not accessing an air-gapped computer, but exfiltrating the data. Past hacks have included monitoring fan noise, heat generation, and more. This time, it’s the power used by the air-gapped computer that’s leaking data.

The attack begins when someone loads the “PowerHammer” malware on the air-gapped system. This program scans the drive for files you might want to transmit, and then it manipulates the CPU’s power usage, altering the amount of current the computer draws. This can be used to send a signal over the power lines consisting of high and low power usage — 1s and 0s in binary.

In order to receive this signal, the hacker needs to have access to a building’s outside electrical panel. From the panel, you can gather data from the computer at less than 10 bits per second. The researchers call this phase-level powerhammering. If the hacker is inside the building, a more powerful version of the attack called line-level powerhammering is possible. With fewer unrelated signals on the line, the malware can modulate CPU power usage faster and the hacker can still pick up the data. That gets you a rate of 10 to 1,000 bits per second.

Researchers Steal Data From Air-Gapped Computer Over Power Lines

As a proof of concept, the team transmitted data at a rate of 1,000 bits per second from an Intel Haswell CPU-based system and at 100 bits per second from an Intel Xeon E5-2620-powered server. That’s not terribly fast, but the researchers managed a zero percent error rate. Using phase-level powerhammering from outside the building, the background noise resulted in data transmission up to 3 bits per second and a 4.2 percent error rate. At that rate, you could steal a 100KB PDF in about three days.

There’s no indication anyone is using this technique in the wild to steal data from air-gapped computers. However, the proof-of-concept proves it’s possible, even if it’s also rather slow.

Continue reading

New Intel Rocket Lake Details: Backwards Compatible, Xe Graphics, Cypress Cove
New Intel Rocket Lake Details: Backwards Compatible, Xe Graphics, Cypress Cove

Intel has released a bit more information about Rocket Lake and its 10nm CPU that's been back-ported to 14nm.

NASA Discovers Vital Organic Molecule on Titan
NASA Discovers Vital Organic Molecule on Titan

In the latest analysis, researchers from NASA have identified an important, highly reactive organic molecule in Titan's atmosphere. Its presence suggests the moon could support chemical processes that we usually associate with life.

Archaeologists Discover Lost Egyptian City Said to Rival Pompeii
Archaeologists Discover Lost Egyptian City Said to Rival Pompeii

Egyptian archaeologists have found a lost city in Egypt near the Valley of the Kings. The Rise of Aten is said to rival Pompeii in terms of completeness and preservation and could tell us far more than we know now about Egyptian culture and society circa 1330 BCE.

Pfizer Claims New COVID-19 Vaccine 90 Percent Effective
Pfizer Claims New COVID-19 Vaccine 90 Percent Effective

There have been a number of COVID-19 vaccines in development in the United States and around the world, and one of them has shown some very positive preliminary results in its Phase 3 trial. One particular vaccine developed by Pfizer and German firm BioNTech appears to be more than 90 percent effective in preventing symptomatic…